package cn.tj212.inmall.controller.backend;

import cn.tj212.inmall.common.Const;
import cn.tj212.inmall.common.ServerResponse;
import cn.tj212.inmall.pojo.User;
import cn.tj212.inmall.service.IUserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;

import javax.servlet.http.HttpSession;

@Controller
@RequestMapping("/manage/user/")
public class UserManageController {

    @Autowired
    private IUserService userService;

    @RequestMapping(value = "login",method = RequestMethod.POST)
    @ResponseBody
    public ServerResponse<User> login(String username, String password, HttpSession session){
        ServerResponse<User> serverResponse=userService.login(username,password);
        if (serverResponse.isSuccess()){
            User user=serverResponse.getData();
            if (user.getRole()== Const.Role.ROLE_ADMIN){
                //登录的是管理员
                session.setAttribute(Const.CURRENT_USER,user);
                return serverResponse;
            }else {
                return ServerResponse.createByErrorMsg("不是管理员账户，无法登陆！");
            }
        }
        return serverResponse;
    }
}
